[Wlug] Comprimised servers?
Karl Hiramoto
karl at hiramoto.org
Wed Feb 28 11:11:07 EST 2007
What gives you evidence they were compromised?
To what extent was security breached? Was just a website defaced, did
they get user, or root access?
Do you know how they got in? You may want to audit all of your running
services and check if there are known exploits.
Unfortunately your best option may be to backup your data, format disks,
and reinstall the OS. It can be hard to tell if a back door was
installed.
..
karl
Michael Zarozinski wrote:
> Hi all,
>
> It appears as if 2 servers we have were compromised. Does anyone know of
> someone or a business we can get to examine our servers and tell us what
> to do? Our hosting company is not the easiest to deal with and I'm
> having trouble getting anything beyond level 1 support from them.
>
> Thank you in advance,
>
> Michael
> _______________________________________________
> Wlug mailing list
> Wlug at mail.wlug.org
> http://mail.wlug.org/mailman/listinfo/wlug
>
>
More information about the Wlug
mailing list